Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Port 4899 (tcp/udp) Attack Activity Port 4899 (tcp/udp) Attack Activity

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
[get complete service list]
Port Information
Protocol Service Name
tcp radmin Remote Administrator default port
Top IPs Scanning
TodayYesterday (684) (146) (258) (132) (65) (127) (46) (89) (37) (77) (31) (64) (30) (59) (28) (56) (24) (54) (24) (54)
Port diary mentions
Law, spam, and 4899tcp
A day in the life of a firewall log
TCP scanning increase for 4899
User Comments
Submitted By Date
Timo Steffens 2009-10-04 18:34:16
On the following forum there is a post (#13) describing how to determine whether a packet was really intended for radmin (static identification data) :
2004-10-28 05:52:28
Ronaldo Vasconcellos 2004-08-23 22:42:38
More info on 4899 TCP on: [VulnWatch] SECNAP Security Alert: Radmin Default install options vulnerability As stated just above, there´s a known vulnerability related to this service (radmin). The intent of this post is just to provide you with more info about this vuln.
Paulo Sedrez 2004-07-23 04:58:32
There is a known remote exploitable vulnerability in radmin server versions 2.0 and 2.1 that allows code execution.
Add a comment
CVE Links
CVE # Description